ClawHub

K8s Yaml Connect

v1.0.0

Connect to Kubernetes clusters using YAML configuration files. Use when you need to apply, validate, or manage Kubernetes resources via kubectl with YAML inp...

0· 45·0 current·0 all-time
by@jokerzeng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (apply/validate/manage Kubernetes YAML and kubeconfig) align with included scripts and README. Requiring kubectl and tools like kubeval/yamllint is expected for this functionality. package.json lists kubectl as a peerDependency (informational) — reasonable though kubectl is not an npm package.
Instruction Scope
SKILL.md and scripts explicitly describe running kubectl commands, validating YAML, and creating/updating kubeconfig files. The scripts read stdin or files and call kubectl/kubeval/yamllint as needed. They do not instruct the agent to read unrelated system files or send data to external endpoints beyond normal kubectl communication with the cluster.
Install Mechanism
No automated install/download steps are included; scripts are local and instruction-only. SKILL.md gives legitimate kubectl installation examples using official release URLs/package managers (dl.k8s.io, brew, apt, choco). No arbitrary remote URLs or archive extraction performed by the skill itself.
Credentials
The skill declares no required env vars, which matches the registry metadata, but runtime use relies on KUBECONFIG and $HOME (for writing kubeconfig files). This is proportionate for kubeconfig management, but kubeconfig files can contain cluster credentials—users should avoid providing kubeconfigs from untrusted sources.
Persistence & Privilege
Scripts create files under the user's home (e.g., ~/.kube/config-<timestamp>) or temporary files and print commands to merge or export KUBECONFIG. The skill does not automatically modify shell profiles or other skills' configurations, nor is it forced to always load (always:false). Users should be aware the scripts can create/replace kubeconfig files if run with non-temp options.
Assessment
This skill appears to do what it claims, but take these precautions before using it: - Ensure kubectl is installed locally and you understand the cluster you will target. kubectl will contact whatever cluster the kubeconfig points to. - Kubeconfig files contain credentials: only provide kubeconfig YAML from trusted sources and prefer using the -t/--temp option when testing. - The scripts will create files in your home (~/.kube/...) and print commands to merge configs or export KUBECONFIG; they do not automatically update your shell profiles but will show commands that, if executed, make changes permanent. - Validate any YAML from external sources (use dry-run) to avoid applying malicious workloads to your clusters. - If you need higher assurance, inspect the scripts locally and run them in a non-production environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bc69an6avdrj3gmdtg9vewx83ykcv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments